Sophos Endpoint Security and Control 10.3 Recommended release notes
January 2016
- About these release notes
- Version 10.3.15, January 2016
- Version 10.3.15, July 2015
- Version 10.3.13, April 2015
- Version 10.3.12, January 2015
- Version 10.3.11, October 2014
- Version 10.3.7, April 2014
- Version 10.3.1, February 2014
- Version 10.3.1, January 2014
- Known issues and limitations
- Additional information
- Technical support
- Legal notices
About these release notes
These are the release notes for Sophos Endpoint Security and Control 10.3 for Windows Recommended versions, managed by Sophos Enterprise Console or standalone.
Some of the features mentioned in these release notes are only available on managed computers or if you have the appropriate license.
Version 10.3.15, January 2016
Components
| Sophos Anti-Virus (SAV) | 10.3.15 |
| Threat detection engine | 3.63.0 |
| Sophos Client Firewall (SCF) | 3.0.4 (Windows 8 and later)
2.9.5 (Windows 7 and earlier) |
| Sophos AutoUpdate (SAU) | 4.3.10 |
| Sophos Patch Agent | 1.0.308.0 |
| Sophos Web Control | 10.3.10 |
| Sophos Remote Management System | 4.0.2 |
Updated components
The threat detection engine has been updated from 3.60.0 to 3.63.0. For information about the changes to the threat detection engine, see the Sophos Threat Detection Engine release notes.
Version 10.3.15, July 2015
Components
| Sophos Anti-Virus (SAV) | 10.3.15 |
| Threat detection engine | 3.60.0 |
| Sophos Client Firewall (SCF) | 3.0.4 (Windows 8 and later)
2.9.5 (Windows 7 and earlier) |
| Sophos AutoUpdate (SAU) | 4.3.10 |
| Sophos Patch Agent | 1.0.308.0 |
| Sophos Web Control | 10.3.10 |
| Sophos Remote Management System | 4.0.2 |
New features
- Initial support for Windows 10
With Sophos Endpoint Security and Control 10.3.15, you can protect a Windows 10 computer directly or upgrade your computer to Windows 10 following one of Microsoft’s supported upgrade paths from Windows 7 or 8.1.
If you are upgrading from an earlier Windows version and are using Endpoint Security and Control 10.3.15 or above, the endpoint protection will migrate along with the operating system and your protection will continue automatically. You may need to take some actions to finalize the update following migration in order to ensure you have full protection. For example, you may need to perform one additional reboot, or to use the “reprotect” option in Sophos Enterprise Console (SEC) to correct minor inconsistencies in the registry. Please read our extensive upgrade notes in knowledgebase article 122504 for advice on what to expect in your environment, and see also Known issues and limitations. When installed directly on Windows 10, Sophos Endpoint Security and Control gives the same threat protection and threat protection options that you are used to on Windows 7, 8 and 8.1.
Updated components
- Sophos Anti-Virus has been updated from 10.3.13 to 10.3.15.
- Sophos AutoUpdate has been updated from 4.1.0.273 to 4.3.10.
- Sophos Client Firewall has been updated from 3.0.3 to 3.0.4 and from 2.9.4 to 2.9.5.
- The threat detection engine has been updated from 3.58.3 to 3.60.0. For information about the changes to the threat detection engine, see the Sophos Threat Detection Engine release notes.
Version 10.3.13, April 2015
Components
| Sophos Anti-Virus (SAV) | 10.3.13 |
| Threat detection engine | 3.58.3 |
| Sophos Client Firewall (SCF) | 3.0.3 (Windows 8)
2.9.4 (Windows 7 and earlier) |
| Sophos AutoUpdate (SAU) | 4.1.0.273 |
| Sophos Patch Agent | 1.0.308.0 |
| Sophos Web Control | 10.3.10 |
| Sophos Remote Management System | 4.0.2 |
Updated components
- Sophos Anti-Virus has been updated from 10.3.12 to 10.3.13.
- The threat detection engine has been updated from 3.55.0 to 3.58.3. For information about the changes to the threat detection engine, see the threat detection engine release notes.
- Sophos AutoUpdate has been updated from 4.1.0.65 to 4.1.0.273.
- Sophos Patch Agent has been updated from 1.0.307.0 to 1.0.308.0.
- Sophos Remote Management System has been updated from 3.4.1 to 4.0.2.
New features
| Component | Description |
|---|---|
| Sophos Device Control | Kingston DataTraveler Locker+ G3 16GB USB flash drive has been added to the list of secure removable storage devices. (WINEP-606) |
Resolved issues
| Component | Issue ID | Description |
|---|---|---|
| Sophos Anti-Virus | WINEP-13 | 2 GB memory allowance for a 32-bit application exhausted when decomposing a folder. |
| Sophos AutoUpdate | WINEP-14 | Update to Sophos Anti-Virus 10.3.7 causes the AutoUpdate's component ALUpdate.exe to delete 10 GB worth of files on the system. |
| Sophos Anti-Virus | WINEP-16 | iSCSI mount points cannot be excluded from on-access scanning. |
| Sophos Anti-Virus | WINEP-17 | GPO makes it impossible to use right-click scanning or open Quarantine Manager when you click on a detection notification. |
| Sophos Anti-Virus | WINEP-18 | A major Sophos Anti-Virus upgrade or downgrade causes PureMessage to fail to open for 4 minutes. |
| Sophos Anti-Virus |
WINEP-24, |
Various media streaming websites are not working when Download scanning under Web Protection is enabled. |
| Sophos Device Control | WINEP-47 | Kanguru Defender 2000 4GB is not detected as a secure device. |
| Sophos Anti-Virus | Sophos Web Intelligence uses an increasing number of handles. | |
| Sophos Device Control | WINEP-81 | SafeToGo STG2-M device added to the list of secure removable storage devices in Sophos Anti-Virus 10.3.11 is not classed as a secure device for non-administrator accounts. |
| Sophos Anti-Virus | WINEP-128 | Web Protection functionality conflicts with the LanSchool software. |
| Sophos Remote Management System | WINEP-176 | Endpoint routers sometimes fail to re-establish connections after rejection. |
| Sophos Patch Agent | WINEP-327 | Sophos Patch Agent needs to be updated to handle latest non-Microsoft patches from Lumension. |
| Sophos Anti-Virus | WINEP-340 | Web Protection functionality conflicts with the Hummingbird SOCKS application. |
| Sophos Anti-Virus | On a Windows 8 or later endpoint with Full Web Control enabled and managed by a UTM appliance, internal SSL sites are failing when accessed by IP. | |
| Sophos Anti-Virus | WINEP-342 | Sophos Web Intelligence service (swi_service.exe) disappears after the upgrade to Sophos Anti-Virus 10.3.11. |
| Sophos Anti-Virus | WINEP-381 | Preserve the ODScanUpdateMetadata registry key during major upgrades of Sophos Anti-Virus. |
| Sophos AutoUpdate | WINEP-649 | BASIC proxy authentication fails with Sophos AutoUpdate 4.1.0.65 (Sophos Anti-Virus 10.3.12). |
Version 10.3.12, January 2015
Components
| Sophos Anti-Virus (SAV) | 10.3.12 |
| Threat detection engine | 3.55 |
| Sophos Client Firewall (SCF) | 3.0.3 (Windows 8)
2.9.4 (Windows 7 and earlier) |
| Sophos AutoUpdate (SAU) | 4.1.0 |
| Sophos Patch Agent | 1.0.307.0 |
From this release, Endpoint Security and Control no longer includes Sophos NAC. See knowledgebase article 120007.
Updated components
- Sophos Anti-Virus updated from 10.3.11.2 to 10.3.12.
- Threat detection engine updated from 3.53 to 3.55.
- Sophos AutoUpdate updated from 3.1.4 to 4.1.0.
Resolved issues
| Component | Issue ID | Description |
|---|---|---|
| Sophos Anti-Virus, Sophos Web Control | Web browsing speed improvements when using Sophos Web Control or Web Protection. | |
| Sophos Anti-Virus | WKI97820 | Resolved compatibility issues between Microsoft Enhanced Mitigation Experience Toolkit (EMET) "Caller Check" and Sophos hooks. |
Version 10.3.11, October 2014
Components
| Sophos Anti-Virus (SAV) | 10.3.11.2 |
| Threat detection engine | 3.53 |
| Sophos Client Firewall (SCF) | 3.0.3 (Windows 8)
2.9.4 (Windows 7 and earlier) |
| Sophos AutoUpdate (SAU) | 3.1.4 |
| Sophos Patch Agent | 1.0.307.0 |
New features
| Component | Description |
|---|---|
| Sophos Anti-Virus | The on-access file system filter driver for Windows 8, Windows 8.1, Windows 2012 and Windows 2012 R2 has been updated to improve system performance. |
| Sophos Anti-Virus | The threat detection engine has been updated. |
| Sophos Device Control | The following devices have been added to the list of secure removable storage
devices:
|
| Sophos Device Control | Intel Centrino Wireless Bluetooth Adapter has been added to the list of bluetooth interfaces. |
| Competitor Removal Tool | The following products have been added to the Sophos Competitor Removal Tool
integrated with Sophos Endpoint Security and Control (iCRT):
|
Resolved issues
| Component | Issue ID | Description |
|---|---|---|
| Sophos Anti-Virus, Sophos AutoUpdate | KB121385 | Fixed an installation and upgrade issue that occurred on Windows Server 2003 following the release of Microsoft Security Update KB2918614. |
| Sophos Anti-Virus | DEF97549 | Unquoted paths in the Sophos Anti-Virus 10.3.7 installer cause the installation, upgrade or uninstallation of Sophos Anti-Virus to fail on 64-bit versions of Windows. This happens if a file with a file name beginning with "program" is present in the root of the system drive. |
| Sophos Anti-Virus | DEF97183 | Sophos Anti-Virus 10.3.7 does not install on a Server Core installation of Windows Server 2012. |
| Sophos Anti-Virus | DEF88319 | Email alerting settings for right-click scanning do not change when the global email alerting settings are changed. |
| Sophos AutoUpdate | WKI97704 | The updating status "Unknown" is displayed in the Up to date column in Sophos Enterprise Console after a major Sophos AutoUpdate upgrade on an endpoint and until the next endpoint update. This happens because not all of the old threat identity (IDE) files are being deleted on upgrade; they are then deleted during the next update. |
| Sophos AutoUpdate | DEF97693 | The Sophos Agent service (ManagementAgentNT.exe) crashes when the size of the Sophos AutoUpdate policy file is 0 bytes. |
| Sophos AutoUpdate | WKI97618 | In Endpoint Security and Control 10.3.7, Sophos AutoUpdate doesn't work if Citrix Single Sign-On Plug-in is installed on the same machine. |
| Sophos AutoUpdate | WKI97582 | In Endpoint Security and Control 10.3.7, Sophos AutoUpdate 3.1 doesn't work if a Hummingbird client is installed on the same machine. |
| Sophos AutoUpdate | DEF97279 | Basic authentication for proxies fails with Sophos Anti-Virus 10.3.7. |
| Sophos AutoUpdate | DEF97247 | Updating fails with manifest errors when a standalone Sophos Anti-Virus package is installed to a non-default location and then updated from a Central Installation Directory (CID). |
| Sophos AutoUpdate | DEF95816 | When Sophos AutoUpdate 2.x is upgraded to version 3.1 on an endpoint that
updates from a CID, the following error message appears:
Sophos AutoUpdate - Error 25010. An error occurred while running the custom action 'UpdateProductInfo'. Reason: Unable to read ProductID.dat or Migration.dat. Contact your support personnel. |
| Data Control | DEF92713 | Data Control causes a Windows 8 tablet to start slowly. |
| Sophos Web Control | DEF96534 | Adding a period to the end of a URL blocked by domain name allows to access the URL. |
| Sophos Web Control | DEF95866 | A "this page has been blocked" pop-up message is displayed for an allowed page that has links to a website blocked by category (for example, Facebook, when blocked under the Personals and Dating category). |
| Sophos Web Control | DEF95685 | Endpoints do not automatically get a web control policy from a new Sophos Web Appliance (SWA) or UTM appliance after they have been managed by a different SWA or UTM appliance. |
| Sophos Web Control | DEF95345 | Add support for WebSockets in Sophos Web Intelligence (SWI) service. |
Version 10.3.7, April 2014
Components
| Sophos Anti-Virus (SAV) | 10.3.7 |
| Threat detection engine | 3.51.1 |
| Sophos Client Firewall (SCF) | 3.0.3 (Windows 8)
2.9.4 (Windows 7 and earlier) |
| Sophos AutoUpdate (SAU) | 3.1.1.18 |
| Sophos Patch Agent | 1.0.307.0 |
New features
| Component | Description |
|---|---|
| Sophos Anti-Virus | The threat detection engine has been updated. |
| Sophos Anti-Virus | The Sophos Anti-Virus drivers have been rebuilt with an updated compiler. |
| Sophos Device Control | Sophos Device Control can now block access to smart phones or other devices that use the MTP/PTP protocols. This option can only be set centrally at the management console. |
| Sophos AutoUpdate | The back-end updating system has been upgraded. |
| Sophos AutoUpdate | The threat data is now distributed as a supplement, which is updated independently from Endpoint Security and Control and allows for more frequent updates. |
| Sophos Client Firewall | A number of security enhancements have been implemented in Sophos Client Firewall. |
| Sophos Patch | Windows 8 support. |
| Sophos Web Control | Windows 8 support. |
Resolved issues
| Component | Issue ID | Description |
|---|---|---|
| Sophos Device Control | DEF93728 | Add IronKey Enterprise D250 4GB to the list of secure removable storage devices. |
| Sophos Device Control | DEF93180 | Add Kingston DataTraveler Locker+ G2 8GB to the list of secure removable storage devices. |
| Sophos Device Control | DEF91534 | If device control is enabled on a computer running VMware Tools and access to floppy disk drives is set to read-only, this message is repeatedly displayed on the desktop: "Access to device blocked by Sophos. Write access to controlled device type 'Floppy disk drives' blocked by the administrator". The message is also added to the log. This happens because the VMware Tools service attempts to access the floppy drive every few seconds (and will continue to do so even if the floppy drive is no longer connected). |
| Sophos Device Control | DEF73772 | Sophos Device Control displays the message "Device Control failed when checking volume access: device name=\device\volume, errorCode-0x8000ffff". This is because an error has occurred in the process that checks whether a device is read-only. |
| Sophos Device Control | DEF87140 | Realtek RTL8187B Wi-Fi chipset is not detected as a Wi-Fi device by Device Control. |
| Sophos Anti-Virus | SUG94215 | Policies lost on downgrade from version 10.3.3 (Preview) to version 10.3.1 (Recommended). |
| Sophos AutoUpdate | DEF94488 | The version of Sophos AutoUpdate is incorrectly reported in the Sophos Endpoint Security and Control user interface for non-administrator users. |
| Sophos AutoUpdate | DEF94174 | Enhance security permissions on the AutoUpdate program folder. |
| Sophos AutoUpdate | DEF85587 | Sophos AutoUpdate uninstallation or reinstallation fails if certain components are missing. |
| Sophos Client Firewall | WKI94527 | Microsoft update KB2887595 for Windows 8.1 causes a conflict with Sophos Client Firewall. |
| Sophos Web Control | DEF79725 | Sophos Web Control doesn't work when a user uses Internet Explorer in the new Windows 8 UI. |
Version 10.3.1, February 2014
Components
| Sophos Anti-Virus (SAV) | 10.3.1 |
| Threat detection engine | 3.50.1 |
| Threat data | 4.98, February 2014 |
| Sophos Client Firewall (SCF) | 3.0.0 (Windows 8)
2.9.3 (Windows 7 and earlier) |
| Sophos AutoUpdate (SAU) | 2.9.0 |
New features
| Component | Description |
|---|---|
| Sophos Anti-Virus | The threat data has been updated. |
Resolved issues
| Component | Issue ID | Description |
|---|---|---|
| Sophos Anti-Virus | DEF93356 | Vulnerability in Microsoft Detours software used in Sophos Anti-Virus. |
Version 10.3.1, January 2014
Components
| Sophos Anti-Virus (SAV) | 10.3.1 |
| Threat detection engine | 3.50.1 |
| Threat data | 4.97, January 2014 |
| Sophos Client Firewall (SCF) | 3.0.0 (Windows 8)
2.9.3 (Windows 7 and earlier) |
| Sophos AutoUpdate (SAU) | 2.9.0 |
New features
| Component | Description |
|---|---|
| Sophos Anti-Virus | The threat detection engine and threat data have been updated. |
Known issues and limitations
| Component | Issue ID | Description | Comment |
|---|---|---|---|
| Sophos Anti-Virus | WINEP-1862 | If you have a version of Sophos Anti-Virus installed that is earlier than
10.3.15, and choose to uninstall it from the Windows 10 Setup
wizard, What needs your attention screen by using the
Uninstall button, not all of the Endpoint Security and
Control components will be removed.
We recommend that you upgrade to Endpoint Security and Control 10.3.15 before upgrading to Windows 10. For more information about removing Endpoint Security and Control, see knowledgebase article 12360. |
Windows 10 support |
| Sophos Anti-Virus | - | On 64-bit computers upgraded from Windows 8.1 to Windows 10, in the 32-bit
version of Windows Explorer, the right-click option Scan with Sophos
Anti-Virus does not work. (The option works correctly in the native
64-bit version of Windows Explorer.) This is due to a missing Sophos registry key,
that has not been migrated during the OS upgrade.
To resolve this issue, re-protect the computers: in Enterprise Console, select the computers you want to re-protect, right-click, and then click Protect Computers. Follow the steps in the Protect Computers Wizard. Alternatively, to manually re-protect a computer, follow the steps provided in knowledgebase article 12386. |
V.10.3.15, Windows 10 support |
| Sophos Anti-Virus | - | After an upgrade from Windows 8.1 (either 64-bit or 32-bit) to Windows 10, if a
computer is started in safe mode, the Sophos Anti-Virus service (SAVService.exe) fails
to start. This is due to a missing Sophos registry key, that has not been migrated
during the OS upgrade.
To resolve this issue, re-protect the computers. |
V.10.3.15, Windows 10 support |
| Sophos Anti-Virus | - | After an upgrade from Windows 8.1 (either 64-bit or 32-bit) to Windows 10, the
Sophos Healthcheck tool fails with warnings
about missing registry keys. This is because some of the Sophos registry keys have not
been migrated during the OS upgrade.
To resolve this issue, re-protect the computers. |
V.10.3.15, Windows 10 support |
| Sophos Anti-Virus | WINEP-1813 | On SAV upgrade, for example, from 10.3.12 to 10.3.15, the following error may
appear in Enterprise Console and in the SAV log on the endpoint:
Web protection is no longer functional. The filtering driver has been bypassed or unloaded 0xa058000c This issue is caused by Sophos Client Firewall blocking the web protection processes. To work around it, allow the processes in the firewall policy in Enterprise Console as follows. In the advanced Firewall Policy configuration dialog, under Configurations, click Configure next to a location you want to configure, go to the Processes tab, click Add to allow an application to launch hidden processes and add the following files: swi_lspdiag.exe and swi_lspdiag64.exe. |
V.10.3.15 |
| Sophos Anti-Virus | - | When a computer is upgraded to Windows 10, the following error may be reported
against it in Enterprise Console:
Web Protection is no longer functional. The filtering driver has been bypassed or unloaded. [0xa058000c] These errors can be safely ignored. To remove them from Enterprise Console, after the computer has been upgraded to Windows 10, right-click the computer, click Resolve Alerts and Errors, select the errors and click Acknowledge. |
V.10.3.15, Windows 10 support |
| Sophos Anti-Virus | WINEP-1770 | Sophos Anti-Virus doesn’t support Hypervisor enforced Code Integrity introduced in the Enterprise lockdown mode. | V.10.3.15, Windows 10 support |
| Sophos AutoUpdate | WINEP-1841 |
The update log (C:\ProgramData\Sophos\AutoUpdate\logs\alc.log) contains messages about “skipped” components that are not included in this version of Endpoint Security and Control, for example: Installation of Sophos Network Threat Protection skipped Installation of Sophos System Protection skipped These messages can be safely ignored. |
|
| Sophos Client Firewall | - | After upgrading to Windows 10 a computer with a standalone installation of Sophos
Endpoint Security and Control that includes Sophos Client Firewall, the firewall
configuration cannot be applied. The following errors are logged in the firewall
system log:
Failed to configure the firewall. Failed to update the filter rules, error 80004005. To resolve this issue, restart the computer. |
V.10.3.15, Windows 10 support |
| Sophos Client Firewall | WINEP-1819 | After an upgrade from Windows 7 to Windows 10, the firewall Windows 7 driver
SCFNdis.sys is migrated but cannot be loaded and may cause a system error
when the computer is booted.
To resolve this issue, browse to the folder C:\Windows\System32\drivers and delete the file SCFNdis.sys. |
V.10.3.15, Windows 10 support |
| Sophos Client Firewall | - | When a computer is upgraded to Windows 10, the following errors may be reported
against it in Enterprise Console:
Failed to configure the firewall. Failed to update the filter rules, error 80004005. These errors can be safely ignored. To remove them from Enterprise Console, after the computer has been upgraded to Windows 10, right-click the computer, click Resolve Alerts and Errors, select the errors and click Acknowledge. |
V.10.3.15, Windows 10 support |
| Sophos Client Firewall | - | It is not possible to deploy Sophos Anti-Virus and Sophos Client Firewall to a
Windows 10 endpoint at the same time from Sophos Enterprise Console.
Workaround: Deploy Sophos Anti-Virus first, and then re-run the Protect Computers Wizard and deploy Sophos Client Firewall. |
Windows 10 support |
| Sophos Client Firewall | - | On upgrade to Windows 10, Sophos Client Firewall loses all custom configuration settings and reverts to the default settings. Custom
configuration settings need to be re-applied following the upgrade.
|
V.10.3.15, Windows 10 support |
| Sophos Client Firewall | WINEP-1758 | On Windows 10, a dual location firewall policy cannot be applied to an endpoint
when both locations are visible (this includes VPN connections). The following errors
appear in the firewall system log:
Failed to configure the firewall Failed to update the filter rules error 80004005 Workaround: Disable configuration for a secondary location, or use Windows Firewall instead. |
Windows 10 support |
| Sophos Patch | WINEP-1818 | In Enterprise Console, in the Protect Computers Wizard,
Windows 10 is not listed in the list of platforms on which Patch is available, even
though Sophos Patch Agent can be installed on Windows 10.
Note: Even though Sophos
Patch Agent will install on Windows 10, it is not currently supported on it and will
not report missing patch information.
|
Windows 10 support |
| Data Control | DEF79180 | Files that breach a data control rule can still be transferred to a Windows 8 storage pool. | |
| Installer | DEF84838 | Protecting Windows 8 or Windows Server 2012 computers that are in a workgroup
from Sophos Enterprise Console 5.1 on Windows Server 2008 or Windows Server 2008 R2
fails with the errors "Failed to launch setup.exe" and "2147942405".
For more information and instructions on how to enable deployment, see http://www.sophos.com/en-us/support/knowledgebase/118354.aspx. |
|
| Sophos Anti-Virus | DEF84420 | If you use a browser's Windows 8 Modern UI application to access a malicious website, and you click the toast that Sophos Anti-Virus displays, the browser is minimized and the desktop is displayed instead. To switch back to the browser, press Alt+Tab. | |
| Sophos Anti-Virus | DEF83463 | Although Sophos Anti-Virus can scan files that are locked during an on-demand scan, it cannot perform cleanup successfully. | |
| Sophos Anti-Virus | DEF79482 | iSCSI mount points cannot be excluded from on-access scanning. | |
| Sophos Anti-Virus, Sophos Web Control | - | Sophos web protection and web control use a Layered Service Provider (LSP) to intercept network traffic. If web protection or web control is turned on while an incompatible third-party LSP is running, system instability can occur. Therefore, if a third-party LSP that is known to be incompatible is already installed on the computer, the Sophos LSP is not installed. For more information, see http://www.sophos.com/en-us/support/knowledgebase/116241.aspx. |
Additional information
System requirements
Sophos Endpoint Security and Control is supported on Windows XP/2003/Vista/2008/7/8/2012/Windows 10. For a full list of system requirements, see System Requirements for Antivirus protection for Windows.
Subscriptions, packages and product versions
Which maintenance version of Endpoint Security and Control do I have?
To find out which maintenance version of Endpoint Security and Control (for example, 10.3.7) is running on your computer:
- Open Endpoint Security and Control.
- In the left-hand pane, under Help and information, click View product information.
- Under Anti-virus and HIPS, click Software.
Deployment
Automatic deployment of Endpoint Security and Control to Windows 8 and Windows Server 2012 from Enterprise Console requires Enterprise Console 5.1 or later.
Automatic deployment of Endpoint Security and Control to Windows 8.1 and Windows Server 2012 R2 from Enterprise Console requires Enterprise Console 5.2.1 R2 or later.
If you are using Enterprise Console 5.0 or earlier, you can install the software by running the installer from a bootstrap location that contains a software subscription for version 10.3. For more information on manual installation, see http://www.sophos.com/en-us/support/knowledgebase/12386.aspx.
Support for Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2
- Endpoint Security and Control uses toast notifications instead of balloon notifications to display messages on screen.
- If you specify a user-defined message to be displayed in desktop messages, it is not displayed in toasts. For more information, see http://www.sophos.com/en-us/support/knowledgebase/118233.aspx.
- If Sophos Anti-Virus cleans up a threat that affects a Windows Store app, it marks the app as tampered with. This causes Windows to offer the user the ability to re-download and re-install the app.
- Rootkit scanning is not supported on REFS file systems on Windows Server 2012 and Windows Server 2012 R2. If the user attempts a rootkit scan on this file system, a message will be logged in the SAV log telling them that rootkit scanning is not supported.
Sophos Client Firewall
- A number of features have been removed from Sophos Client Firewall 3.0 for
Windows 8:
Interactive mode
Hidden process detection
Modified memory detection
Rawsocket applications (rawsockets are treated the same as other connections)
Non-stateful rules
The option Concurrent connections for TCP rules
The option Where the local port is equal to the remote port - Sophos Client Firewall does not support the "mobile broadband" driver model in Windows 7.
- When you install Sophos Client Firewall, all network adapters are temporarily disconnected. This results in network connections being unavailable for up to 20 seconds and the disconnection of networked applications such as Microsoft Remote Desktop.
- When the log is displayed in a view that auto-refreshes (such as Allowed connections), the view stops refreshing if the service is under a heavy load. After changing to a different view and then back again, auto-refreshing works normally.
Application Control
When Sophos Anti-Virus detects a controlled application on a remote share, the alert always shows that the application was detected on the local computer.
Sophos Device Control
Sophos Device Control does not block removable storage devices that are used as system drives, as this typically destabilizes the operating system.
Unsupported scenarios
- Endpoint Security and Control standalone installations do not support Windows Server Core.
- Endpoint Security and Control managed and standalone installations do not support Windows Server Core Hyper-V.
Shared Windows components
When you install Sophos software, some Windows components that might also be used by non-Sophos software are also installed or upgraded:
| Sophos software | Shared Windows component | |||
|---|---|---|---|---|
| Name | File names | Versions | Date of inclusion with Sophos software | |
| Sophos Anti-Virus | Microsoft XML Core Services | msxml4.dll | 4.30.2100.0 | September 2009 |
| msxml4r.dll | 4.30.2100.0 | September 2009 | ||
| ATL Library | atl90.dll | 9.0.30729.4148 | June 2013 | |
| Microsoft Visual C/C++ Runtime Libraries | msvcm90.dll | 9.0.30729.4148 | June 2013 | |
| msvcp90.dll | 9.0.30729.4148 | June 2013 | ||
| msvcr90.dll | 9.0.30729.4148 | June 2013 | ||
| Sophos Client Firewall 3.0 for Windows 8 | Microsoft XML Core Services | msxml4.dll | 4.30.2100.0 | June 2013 |
| msxml4r.dll | 4.30.2100.0 | June 2013 | ||
| Microsoft Visual C/C++ Runtime Libraries | msvcm90.dll | 9.0.30729.6161 | June 2013 | |
| msvcp90.dll | 9.0.30729.6161 | June 2013 | ||
| msvcr90.dll | 9.0.30729.6161 | June 2013 | ||
| Sophos Client Firewall 2.9 for Windows 7 and earlier | Microsoft XML Core Services | msxml4.dll | 4.30.2100.0 | September 2009 |
| msxml4r.dll | 4.30.2100.0 | September 2009 | ||
| Microsoft Visual C/C++ Runtime Libraries | msvcm90.dll | 9.0.30729.6161 | October 2013 | |
| msvcp90.dll | 9.0.30729.6161 | October 2013 | ||
| msvcr90.dll | 9.0.30729.6161 | October 2013 | ||
Technical support
You can find technical support for Sophos products in any of these ways:
- Visit the SophosTalk community at community.sophos.com/ and search for other users who are experiencing the same problem.
- Visit the Sophos support knowledgebase at www.sophos.com/en-us/support.aspx.
- Download the product documentation at www.sophos.com/en-us/support/documentation.aspx.
- Open a ticket with our support team at https://secure2.sophos.com/support/contact-support/support-query.aspx.
Legal notices
Copyright © 2011–2016 Sophos Limited. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.
Sophos, Sophos Anti-Virus and SafeGuard are registered trademarks of Sophos Limited, Sophos Group and Utimaco Safeware AG, as applicable. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.